diff -urN ../z-push-2.6.2+0.orig/src/backend/searchldap/config.php ./src/backend/searchldap/config.php
--- ../z-push-2.6.2+0.orig/src/backend/searchldap/config.php	2021-02-04 03:38:38.000000000 +0200
+++ ./src/backend/searchldap/config.php	2021-09-10 22:47:47.701797000 +0300
@@ -26,6 +26,10 @@
 
 // LDAP server uri
 define("LDAP_SERVER_URI", "ldap://127.0.0.1:389/");
+define("LDAP_START_TLS", false);
+
+//define("LDAP_SERVER_URI", "ldaps://127.0.0.1:636/");
+//define("LDAP_DISABLE_REFERRALS", true);
 
 // Set USER and PASSWORD if not using anonymous bind
 define("ANONYMOUS_BIND", true);
diff -urN ../z-push-2.6.2+0.orig/src/backend/searchldap/searchldap.php ./src/backend/searchldap/searchldap.php
--- ../z-push-2.6.2+0.orig/src/backend/searchldap/searchldap.php	2021-02-04 03:38:38.000000000 +0200
+++ ./src/backend/searchldap/searchldap.php	2021-06-28 20:04:30.944485000 +0300
@@ -54,6 +54,19 @@
             throw new StatusException("BackendSearchLDAP(): No LDAP server URI defined! Search aborted.", SYNC_SEARCHSTATUS_STORE_CONNECTIONFAILED, null, LOGLEVEL_ERROR);
         }
 
+        if (defined('LDAP_DISABLE_REFERRALS') and (constant('LDAP_DISABLE_REFERRALS') === true)) {
+            @ldap_set_option($this->connection, LDAP_OPT_REFERRALS, 0);
+        }
+
+        if (defined('LDAP_START_TLS') and (constant('LDAP_START_TLS') === true)) {
+            if (! @ldap_start_tls($this->connection)) {
+                $ldap_errno = ldap_errno($this->connection);
+                $ldap_error = ldap_error($this->connection);
+                $this->connection = false;
+                throw new StatusException("BackendSearchLDAP(): Could not start TLS session with server (error ".$ldap_errno.": ".$ldap_error."). Search aborted.", SYNC_SEARCHSTATUS_STORE_CONNECTIONFAILED, null, LOGLEVEL_ERROR);
+            }
+        }
+
         // Authenticate
         if (constant('ANONYMOUS_BIND') === true) {
             if(! @ldap_bind($this->connection)) {